Classified data-at-rest (DAR) in deployed applications faces both internal and external threats that can subject sensitive data to exploitation.
DAR is particularly vulnerable during missions if the deployed vehicle is lost but is also at risk during transport to and from the vehicle. Adversaries are interested in obtaining any information from lost or captured vehicles. Nation-states and hackers also put networked DAR at risk, while internal threats such as bad actors also threaten sensitive DAR. Such threats typically come from nation-states with significant cipher analysis infrastructure but may include terrorist organizations as well.
The sensitive DAR is also at high risk when transported from the ground (or base) station to the vehicle. After a mission, the DAR will be transported from the vehicle back to the ground station for analysis. More information is usually collected during a mission, making this data even more valuable.
Before or after a mission, the DAR located on networks in the ground station is at risk from internal threats. People motivated by principle or money have previously obtained, leaked, and sold sensitive DAR. While the external threats are unpredictable, they usually can be identified, and corrective action can be taken. With internal leaks, the damage is usually not evident until after the breach event.
For all these reasons, it is critical to protect classified DAR and the devices on which it rests. One element in a multilayered DAR protection approach is to protect the processors within the computer systems and network attached storage (NAS) devices. This white paper briefly discusses a standards-based approach for processor protection: the trusted platform module or TPM. For more information regarding threats to the classified DAR, please see the white paper: DAR Series Part 1: Data Threats and Protection.